HP3000-L Archives

April 2009, Week 2

HP3000-L@RAVEN.UTC.EDU
Options: Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Subject:
Re: How to see what's locked in a TurboIMAGE database
From:
Joshua Johnson <[log in to unmask]>
Reply To:
Joshua Johnson <[log in to unmask]>
Date:
Tue, 14 Apr 2009 01:57:21 -0400
Content-Type:
text/plain
Parts/Attachments:
text/plain (64 lines) 
Walter,

I like your thinking. Very simple and secure. I have used this technique for
lots of stuff. You can make it a little smarter with the following example
using the listuser command. You can also use $GOD-RESTRICT in SECURCON to
secure GOD.PUB.VESOFT. Don't forget to add the withcaps config to your
STREAMX.DATA.VESOFT file. To properly secure this so users cannot see your
DB password you must secure the file, only allowing execute access to the
users who need it. I suggest an ACL and/or put it in an acct and group that
the user can't logon to and set execute to ANY and everything else to
account or group only access. The nohelp and nolist will prevent users from
seeing the code. I am pretty sure the nolist will prevent hpcmdtrace from
showing anything but, you may need to set that as well.

anyparm p1
option nohelp, nolist
if pos('PASS',ups('!p1'))>0
  echo ERROR: You are not allowed to use the PASS option.
  return
endif
if insidempex=0
  run main.pub.vesoft;parm=3;info="xeq !hpfile !p1"
else
  continue
  withcaps 'sm',:listuser !p1
endif

Enjoy,
Joshua Johnson

-----Original Message-----
From: HP-3000 Systems Discussion [mailto:[log in to unmask]] On Behalf
Of Walter J. Murray
Sent: Sunday, April 12, 2009 3:26 PM
To: [log in to unmask]
Subject: [HP3000-L] How to see what's locked in a TurboIMAGE database

Greetings,

I am looking for a way to permit ordinary users (programmers and support
staff) to see who is using a TurboIMAGE database, and what locks are in
effect and are pending--the information you would see with DBUTIL using
SHOW ... USERS and SHOW ... LOCKS or SHOW ... ALL.

I have to work within these constraints:  (1) Can't let them log on with
SM capability.  (2) Can't let them log on as the database creator.  (3)
Can't reveal the password on the MPEX GOD program.  (4) Can't reveal the
password on DBUTIL.

Any suggestions?  Any utility to do this?

My best idea so far is to set up a command file that would use the MPEX
%WITHCAPS command to grant SM capability temporarily, then run DBUTIL.

Walter  

Walter J. Murray

* To join/leave the list, search archives, change list settings, *
* etc., please visit http://raven.utc.edu/archives/hp3000-l.html *

* To join/leave the list, search archives, change list settings, *
* etc., please visit http://raven.utc.edu/archives/hp3000-l.html *

ATOM RSS1 RSS2